Which of the following should an IS auditor consider the MOST significant risk associated with a new health records system that replaces a legacy system?

• A.Staff were not involved in the procurement process, creating user resistance to the new system.
• B.Data is not converted correctly, resulting in inaccurate patient records.
• C.The deployment project experienced significant overruns, exceeding budget projections.
• D.The new system has capacity issues, leading to slow response times for users.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indication of effective IT investment management?

• A.IT investments are implemented and monitored following a system development life cycle (SDLC)
• B.IT investments are mapped to specific business objectives
• C.Key performance indicators (KPIs) are defined for each business requiring IT Investment
• D.The IT Investment budget is significantly below industry benchmarks

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a social engineering attack method?

• A.An intruder eavesdrops and collects sensitive information flowing through the network and sells it to third parties.
• B.An unauthorized person attempts to gam access to secure premises by following an authonzed person through a secure door.
• C.An employee is induced to reveal confidential IP addresses and passwords by answering questions over the phone.
• D.A hacker walks around an office building using scanning tools to search for a wireless network to gain access.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be a result of utilizing a top-down maturity model process?

• A.Identification of processes with the most improvement opportunities
• B.A means of benchmarking the effectiveness of similar processes with peers
• C.Identification of older, more established processes to ensure timely review
• D.A means of comparing the effectiveness of other processes within the enterprise

Comment: *

Name: *

Email: *

Verification: *

When auditing the security architecture of an online application, an IS auditor should FIRST review the:

• A.configuration of the firewall
• B.firewall standards.
• C.firmware version of the firewall
• D.location of the firewall within the network

Comment: *

Name: *

Email: *

Verification: *